Averroes wrote:
>
> Hi lists,
>
> This is a repost,
>
> Are ReasonCode & CRLReason CRL Extensions implemented
> in openssl-0.9.6b?
>
"CRL Extensions" covers quite a lot of ground. Some extensions are
supported such as AuthorityKeyIdentifier. However no CRL entry
extensions are supported in 0.
Averroes wrote:
>
> Hi lists,
>
> This is a repost,
>
> Are ReasonCode & CRLReason CRL Extensions implemented
> in openssl-0.9.6b?
>
"CRL Extensions" covers quite a lot of ground. Some extensions are
supported such as AuthorityKeyIdentifier. However no CRL entry
extensions are supported in 0.
On Sun, Aug 05, 2001 at 02:22:59AM +, Peter Shannon wrote:
> I've been using the X509_STORE commands to verify certs but it seems as
> thought the X509_verify_cert() function has no code to process CRLs.
>
> The only mention of crls in x509_cfy.c is a comment with no associated code...
>
>
[EMAIL PROTECTED] wrote:
> (2) I've learned how to import other peoples' certificates to my Netscape
> via LDAP. But, would that be possible via HTTP? When I tried to load PEM or
> DER certificate with application/x-x509-user-cert, Netscape refused it with
> a comment: "The Private Key for this c
On Wed, Apr 05, 2000 at 01:38:14AM -0400, Michael Harvey wrote:
> Be Nice ,..I am new
>
> I Need Help with setting up CRL's
> I run a small www site for a special group
> I set up a Self signed CA
>
> My Problem...
> each client has a cert that is checked
> How do create a Proper crl cer
Dr Stephen Henson wrote:
>
> OpenSSL can still produce V1 CRLs. Even if you delete the whole crl_ext
> section it will still generate a V2 CRL. What you need to do is comment
> out the line:
> crl_extensions = crl_ext
> e.g. put a # at the start. When it sees that no crl extension section is
> na
Dr Stephen Henson wrote:
>
> Mario Fabiano wrote:
> >
> > Then I convert the CRL into other formats, like pkcs7 or DER, e.g.:
> > openssl crl -inform PEM -in $CurrCrl -outform DER -out $dwnlcrl
> ...
> Forget the other formats in my experience only a DER encoded CRL will
